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(54) Forwarding of IP packets for routing protocols 



(57) A forwarding engine of a router device may re- 
place addresses of some IP packets by virtual ones 
such to mask the active routing daemon. This is used in 
unicast regime when said forwarding engine forwards 
incoming IP packets from neighbor routers to said rout- 
ing daemon. It is also used in unicast as well as in mul- 
ticast regime in the opposite case. A standby routing 
daemon may also be used on another processor by af- 



fecting same virtual addresses for its ports as the first 
active routing daemon. In a case of failure of the first 
active routing daemon, a controller will switch said 
standby routing daemon to be the new active daemon 
connectedtotheforwarding engine. A CompactPCI (Pe- 
ripheral Component interconnect) bus can be advanta- 
geously used. In that case, the forwarding engine is a 
peripheral board of the controller of that CompactPCI. 
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Description 

[0001] The present invention relates to the continuity 
service of internet Protocol IP routing. More specifically, 
the invention provides a router device for IP routing as 
set forth in the preamble of claim 1 , and a method for 
forwarding incoming as well as outgoing I P packets from 
respectively neighbor routers to some active routing 
daemon and vice versa. 

[0002] A router device or router - a level three IP pack- 
et switch formerly called a gateway in the literature -con- 
tains a plurality of connections with other routers. These 
connections can be of different natures depending of the 
used protocol e.g. a point to point or a multi-access one, 
latter being used for an Ethernet based network. The 
use of a protocol like OSPF (Open Shortest Path First) 
protocol which is a TCP/IP (Transmission Control Pro- 
tocol over Internet Protocol) will permit to the routers to 
get enough information about the network for a success- 
ful forwarding of the received packets. The routing when 
using e.g. OSPF protocol will be dynamical i.e. a change 
in the topology of the network will be taken into account 
in a dynamic way. It implies that some exchange of in- 
formation must be performed regularly between the 
routers so to update a database of each router concern- 
ing information of an actual status of the network. 
[0003] It may be necessary according to the type of 
the connection and the used routing protocol to build a 
so-called adjacency process between several different 
routers. In that case, routers that become adjacent will 
have some information concerning the state of the net- 
work so to be able to forward any incoming packets. 
These information are organized in a routing table. And 
due to the dynamical mode, these routing tables must 
be updated regularly. But to optimize the traffic of pack- 
ets, such adjacency process may be done only between 
a router and a designated neighbor router. The updates 
are performed via exchange of messages called Link 
State Advertisement LSA containing some information 
about the network. The routing tables are then calculat- 
ing by each router using that information. 
[0004] A lot of applications must be highly available. 
But due to potential hardware or software failures, desk- 
top systems like routers are not, strictly speaking highly 
available. A way to improve the situation is to use a clus- 
tering model i.e. use a group of redundant and autono- 
mous server platforms including routers in a networked 
configuration. In that case, if one autonomous platform 
fails, a standby platform will take its place. But such 
model has the big drawback that a takeover time is of 
the order of 30 to 90 seconds. During that takeover time, 
ail packets will be lost which is an unsatisfactory situa- 
tion for many application. 

[0005] In US5,473,599 and in the documentation to 
be found on the 15 th of October 2001 under http://www. 
cisco.com/univercd/cc/td/doc/product/lan/ 
cat6000/sft_6_1/configgd/redund.htm are explained an 
alternative to guarantee high availability using Hot 



Standby Router Protocol HSRP. In that case, a system 
database is maintained on an active supervisor engine 
(in our case a router) and updates are sent to a standby 
supervisor engine (an adjacent router) for any change 
J of data in the system database. The active supervisor 
engine communicates and updates the standby super- 
visor engine when any state changes occur, ensuring 
that the standby supervisor engine knows the current 
protocol state of supported features. A synchronization 
o of each database, among other the routing tables, must 
be performed. The standby supervisor engine is isolated 
from the system bus and does not switch packets. But 
it does receive packets from the switching bus to learn 
and populate the routing table. The standby supervisor 
5 engine does not participate in forwarding any packets 
and does not communicate with any modules. 
[0006] When using HSRP, it may be convenient to use 
also Virtual Router Redundancy Protocol VRRP as dis- 
cussed at the IETF and to be find on the 15 th of October 
20 2001 under http^/www. ietf.org/html .charters/vrrp -char- 
ter.html. In that case, each element of the network in an 
HSRP group will share a virtual IP address and MAC 
(media access control) address. In other words, several 
routers on a LAN (Local Area Network) on a multl-ac- 
25 cess link will be able to use the same virtual IP address. 
One router will be elected as a master with the other 
routers acting as backups in case of the failure of the 
master router. The master will forward packets sent to 
these IP addresses. The election process provides dy- 
30 namic fail over in the forwarding responsibility should 
the master become unavailable. This allows any of the 
virtual router IP addresses on the LAN to be used as the 
default first hop router by end-hosts. The advantage 
gained from using VRRP is a higher availability default 
35 path without requiring configuration of dynamic routing 
or router discovery protocols on every end-host. But it 
is based on the use of different routers on a LAN i.e. at 
least two, one for the master and one for the backup, 
and each of these routers being independent server 
40 platform, a very costly engine. 

[0007] It is an object of the present invention to pro- 
vide high availability of routing of IP packets at the low- 
est possible cost. 

[0008] This object is attained by a router device as 
45 claimed in claim 1 and a method for forwarding IP pack- 
ets as claimed in claim 8. 

[0009] It is advantageously taken profit of the possi- 
bility when using a forwarding engine physically sepa- 
rated from the active routing daemon to let that f orward- 

so jng engine replacing addresses of some IP packets by 
virtual ones such to mask the real routing daemon. This 
is of particularly importance when the router device has 
several outgoing ports. It is then used in unicast regime 
when said forwarding engine forwards incoming IP 

55 packets from neighbor routers to said routing daemon. 
It is also used in unicast as well as in multicast regime 
when said forwarding engine forwards outgoing IP pack- 
ets from said routing daemon to neighbor routers. 
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[0010] In another embodiment, a standby routing dae- 
mon is advantageously used on another processor by 
affecting same virtual addresses for its ports as the first 
active routing daemon. In a case of failure of the first 
active routing daemon, a controller will then switch said 
standby routing daemon to be the new active daemon 
connected to the forwarding engine. 
[0011] In a further embodiment, it is taken advantage 
of the use of a CompactPCI (Peripheral Component In- 
terconnect) bus. In that case, the forwarding engine is 
a peripheral board of the controller of the CompactPCI. 
And the processors on which the routing daemon are 
running are directly connected to that CompactPCI bus. 
[0012] Further advantageous features of the inven- 
tion are defined in the dependent claims and will be- 
come apparent from the following description and the 
drawings. 

[0013] One embodiment of the invention will now be 
explained in more details with reference to the accom- 
panying drawings, in which: 

Fig. 1 is a schematic view of an hardware architec- 
ture according to the invention; 

Fig. 2 is a schematic view of control packets flows. 

[0014] On figure 1 is depicted a router device 1 usually 
with several outgoing (Input/Output) ports and connect- 
ed to some network for forwarding IP packets. Such 
router device 1 contains a processor board 2 on which 
is running an active routing daemon - system master. 
This processor board 2 is directly connected through 
some bus 4 to a forwarding engine 3 - peripheral board. 
[0015] The forwarding engine 3 is set such that it for- 
wards incoming IP packets from neighbor routers to said 
active routing daemon or outgoing IP packets from said 
active routing daemon to neighbor routers. This can oc- 
cur mainly in two different modes i.e. in unicast or mul- 
ticast, latter encompassing broadcast mode. In the later 
protocol IPv6, it exists also anycast mode which is en- 
compassed in the present invention by unicast. Unicast 
mode means that a communication occurs via a point- 
to-point communication. Anycast refers to the ability of 
a device to establish a communication with the closest 
member of a group of devices, in our cases routers of a 
network. By way of example, a host might establish a 
communication with the closest member of a group of 
routers for purposes of updating a database like a rout- 
ing table. That router would then assume responsibility 
for retransmitting that update to all members of the rout- 
er group on the basis of a multicast. More generally, mul- 
ticast mode is the case when a broadcasting of messag- 
es is performed to a selected group of devices on a LAN, 
WAN or the Internet It is a communication between a 
single device and multiple members of a device group. 
[0016] According to the present invention, the for- 
warding engine 3 when forwarding incoming IP packets 
from neighbor routers to the routing daemon - system 



master -, will replace in unicast regime destination ad- 
dresses of its outgoing ports in IP packets with virtual 
one of said active routing daemon. And when forwarding 
outgoing IP packets from said routing daemon to neigh- 
s bor routers, will replace in unicast as well as multicast 
regimes, virtual source addresses of said active routing 
daemon in IP packets with the addresses of its outgoing 
ports. 

[0017] Usually, the addresses which are of concern in 

10 the present invention - not exclusively - are the IP ad- 
dresses and/or the MAC (media access control) ad- 
dresses. An IP address is a network layer address for a 
device operating in the IP suite of protocols. The IP ad- 
dress is typically a 32 bit field or even 1 28 bit under IPv6 , 

*5 at least a portion of which contains information corre- 
sponding to its particular network segment. A MAC ad- 
dress is an address of a device at the sublayer of the 
data link layer. It Is generally Intended to apply to a spe- 
cific physical device no matter where it is plugged into 

20 the network. Thus, a MAC address is generally hard- 
coded into the device - on a router's ROM, for example. 
In the present case, the addresses which are replaced 
by the forwarding engine (3) will be preferably the IP- 
and/or MAC addresses. 

25 [0018] In figure 1 is furthermore pictured the router de- 
vice 1 with a second processor board 5 - system slave 
- on which is running a standby routing daemon. The 
second processor board 5 is firstly connected to the 
processor board 2 via a specific bus connection 8. All 

30 the updates of the database will occur through such bus 
connection 8, particularly the routing table allowing in 
case of necessity a very fast takeover of the standby 
routing daemon to become the new active routing dae- 
mon. This takeover is performed by a controller 6 which 

35 is connected with the bus 4 as well as a specific bus 7 
directly connected with the second processor board 5. 
In case of a failure of the active routing daemon, the 
controller 6 will switch the standby routing daemon to 
be the new active daemon connected then via its spe- 

40 cific bus 7 to the forwarding engine 3. The previously 
active daemon may then become the new standby rout- 
ing daemon if the failure was not irreversible. If neces- 
sary, the previously older active daemon can be discon- 
nected from the forwarding engine 3 by the controller 6 

45 almost at the same time as the standby daemon is con- 
nected to the forwarding engine 3. In any case, the take- 
over will take only few ms which has to be compared 
with the 30 to 90 s in previous cases, it means almost 
no lost of packets to be forward will be noticed. 

so [0019] Instead of using two different routers for the ac- 
tive as well as the standby supervisor engine, it may be 
of interest to use two different system boards of the 
same CompactPCI (Peripheral Component Intercon- 
nect). This will substantially lower the price of such ar- 

55 chitecture. In that case, the two processor boards 2 and 
5 on figure 1 are two system boards of this CompactPCI, 
the controller 6 is the controller of this CompactPCI and 
the forwarding engine 3 is a peripheral forwarding of that 
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controller 6. An Ethernet over CompactPCI driver may 
be used to communicate between the two different 
boards 2, 5 using the bus 8. This driver may affect au- 
tomatically MAC address to each system board, partic- 
ularly, it can affect the same MAC address. Moreover, it 
is possible to set the IP addresses of the two system 
boards to the same value. 

[0020] In figure 2 are shown four different situations 
of control of packets flow according to the present in- 
vention. The peripheral board is the forwarding engine 
3 with two real physical outgoing ports, and the system 
master is the active routing daemon with one real phys- 
ical outgoing port. Furthermore, some virtual interfaces 
are created on the processor boards 2, 5 of the system 
master to simulate the real outgoing interfaces (Input/ 
Output) of the forwarding engine 3. Here, two virtual in- 
terfaces of the system master are depicted to match the 
number of the real outgoing ports of the forward engine 
3. But the number of real ports is only indicative and can 
be more then two. The routing protocol daemon can 
then be run with only few minor modifications. A packet 
analyzer software running on the peripheral board (for- 
warding engine 3) will be used to forward and mask the 
control packets for routing protocols such to redirect the 
packets In order to let the external networks and routing 
protocol daemon from neighbor routers believing that 
the packets are located on the peripheral board, 
[0021] In the cases a and b are depicted the situations 
for incoming IP packets from neighbor routers to the ac- 
tive routing daemon. In unicast regime - a - the forward- 
ing engine 3 forwards incoming packets to the virtual 
interface of the system master by modifying the IP and 
MAC addresses to match the one of the processor board 
target interface of the system master. In multicast re- 
gime - b - the forwarding of the incoming packets to the 
real interface of the system master occurs without any 
change of addresses. 

[0022] In the cases c and d are depicted the situations 
for outgoing IP packets from the active routing daemon 
to neighbor routers. This time, in both regimes unicast 
as well as multicast one, respectively case c and d, the 
forwarding of packets to the outgoing interface of the 
peripheral board (forwarding engine 3) will take place 
by matching with the virtual interface where the packet 
is coming from. For that, the IP as well as the MAC ad- 
dresses are modified to match with the outgoing inter- 
faces. 

[0023] The use of such method where destination ad- 
dresses IP packets to be forward may be replaced al- 
lows to have a redundant routing daemon running on a 
separate board acting as a standby one. This is 
achieved with a minimal intrusion in the routing protocol 
code. In such a way, it is possible in case of failure to 
restart routing protocols i.e. switch from active routing 
daemon to the standby routing daemon without warning 
neighbor routers. 



Claims 

1. Router device (1) for IP (internet protocol) routing 
having an active routing daemon running on a proc- 
5 essor board (2) connected to a forwarding engine 
(3) containing at least two outgoing ports and for- 
warding incoming IP packets from neighbor routers 
to said routing daemon or outgoing IP packets from 
said routing daemon to neighbor routers character- 
to Ized In, that said forwarding engine (3) when for- 
warding said incoming IP packets replaces in uni- 
cast regime destination addresses of its outgoing 
ports in IP packets with virtual one of said active 
routing daemon and when forwarding said outgoing 
is ip packets replaces in unicast as well as multicast 
regimes virtual source addresses of said active 
routing daemon in IP packets with the addresses of 
its outgoing ports. 

20 2. Router device (1) according to claim 1 character- 
ized In, that the replaced addresses are the IP- 
and/or the MAC (media access control) -addresses. 

3. Router device (1) according to claim 1 character- 
's ized in, that said processor board (2) is intercon- 
nected with neighbor routers via a compactPCI (pe- 
ripheral component interconect) bus while said for- 
warding engine (3) is a peripheral board connected 
to said compactPCI bus. 

30 

4. Router device (1) according to claim 1 character- 
ized in, that it contains a standby routing daemon 
running on an another processor board (5) with 
same affected virtual addresses for its ports as said 

35 active routing daemon and a controller (6) which in 
case of a failure of said active daemon switches 
said standby routing daemon to be the new active 
daemon connected to said forwarding engine (3). 

40 5. Router device (1) according to claim 3 character- 
ized in, that said active routing daemon and said 
standby routing daemon are connected with each 
other through a specific connection (8) for data 
transfer enabling a synchronization of said active 

45 with said standby routing daemon. 

6. Router device (1) according to claim 4 character- 
ized in, that said connection between said active 
routing daemon and said standby routing daemon 

so js controlled by a driver on said controller (6) which 
affects the same addresses to said active as well 
as standby routing daemon. 

7. Router device (1) according to claim 3 character- 
55 ized in, that said controller (6) contains a compact- 
PCI (peripheral component interconnect) bus and 
said forwarding engine (3) is a peripheral board of 
said controller. 
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8. Method for forwarding incoming IP packets from 
neighbor routers to some active routing daemon or 
outgoing IP packets from said active routing dae- 
mon to neighbor routers by a forwarding engine (3) 
containing at least two outgoing ports and connect- 5 
ed to some router device (1 ) for IP routing contain- 
ing said active routing daemon running on a proc- 
essor board (2) while when forwarding said incom- 
ing IP packets in unicast regime, destination ad- 
dresses of said outgoing ports in IP packets are re- 10 
placed by virtual one of said active routing daemon 

or when forwarding said outgoing IP packets in uni- 
cast as well as multicast regimes, virtual source ad- 
dresses of said active routing daemon in IP packets 
are replaced with the addresses of said outgoing is 
ports. 

9. Method according to claim 8 characterized In, that 

the replaced addresses are the IP- and/or the MAC 
(media access control) -addresses. 20 

10. Method according to claim 8 characterized in, that 

in case of a failure of said active daemon a switch 
occurs to a standby routing daemon running on an 
another processor board (5) and affected with same 25 
affected virtual addresses for its ports as said active 
routing daemon, while said standby routing daemon 
being the new active daemon connected to said for- 
warding engine (3). 
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